Blockchain-based ontology driven reference framework for security risk management

IF 2.7 3区计算机科学 Q3 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE Data & Knowledge Engineering Pub Date : 2023-12-04 DOI:10.1016/j.datak.2023.102257

Mubashar Iqbal , Aleksandr Kormiltsyn , Vimal Dwivedi , Raimundas Matulevičius

{"title":"Blockchain-based ontology driven reference framework for security risk management","authors":"Mubashar Iqbal , Aleksandr Kormiltsyn , Vimal Dwivedi , Raimundas Matulevičius","doi":"10.1016/j.datak.2023.102257","DOIUrl":null,"url":null,"abstract":"<div><p>Security risk management<span><span> (SRM) is crucial for protecting valuable assets from malicious harm. While blockchain technology has been proposed to mitigate security threats in traditional applications, it is not a perfect solution, and its security threats must be managed. This paper addresses the research problem of having no unified and formal knowledge models to support the SRM of traditional applications using blockchain and the SRM of blockchain-based applications. In accordance with this, we present a blockchain-based reference model (BbRM) and an ontology driven reference framework (OntReF) for the SRM of traditional and blockchain-based applications. The BbRM consolidates security threats of traditional and blockchain-based applications, structured following the SRM domain model and offers guidance for creating the OntReF using the domain model. OntReF is grounded on unified foundational ontology (UFO) and provides semantic interoperability and supporting the dynamic knowledge representation and </span>instantiation of information security knowledge for the SRM. Our evaluation approaches demonstrate that OntReF is practical to use.</span></p></div>","PeriodicalId":55184,"journal":{"name":"Data & Knowledge Engineering","volume":null,"pages":null},"PeriodicalIF":2.7000,"publicationDate":"2023-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Data & Knowledge Engineering","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0169023X23001179","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Security risk management (SRM) is crucial for protecting valuable assets from malicious harm. While blockchain technology has been proposed to mitigate security threats in traditional applications, it is not a perfect solution, and its security threats must be managed. This paper addresses the research problem of having no unified and formal knowledge models to support the SRM of traditional applications using blockchain and the SRM of blockchain-based applications. In accordance with this, we present a blockchain-based reference model (BbRM) and an ontology driven reference framework (OntReF) for the SRM of traditional and blockchain-based applications. The BbRM consolidates security threats of traditional and blockchain-based applications, structured following the SRM domain model and offers guidance for creating the OntReF using the domain model. OntReF is grounded on unified foundational ontology (UFO) and provides semantic interoperability and supporting the dynamic knowledge representation and instantiation of information security knowledge for the SRM. Our evaluation approaches demonstrate that OntReF is practical to use.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于区块链本体驱动的安全风险管理参考框架

安全风险管理(SRM)对于保护有价值的资产免受恶意损害至关重要。虽然区块链技术已被提出用于减轻传统应用程序中的安全威胁，但它并不是一个完美的解决方案，必须对其安全威胁进行管理。本文解决了传统区块链应用程序的SRM和基于区块链的应用程序的SRM没有统一的形式化知识模型支持的研究问题。据此，我们提出了一个基于区块链的参考模型(BbRM)和一个本体驱动的参考框架(OntReF)，用于传统和基于区块链的应用程序的SRM。BbRM整合了传统和基于区块链的应用程序的安全威胁，遵循SRM领域模型进行结构化，并为使用该领域模型创建OntReF提供指导。OntReF以统一基础本体(UFO)为基础，为SRM提供语义互操作性，并支持信息安全知识的动态知识表示和实例化。我们的评估方法表明OntReF是实用的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Data & Knowledge Engineering 工程技术-计算机：人工智能

CiteScore

5.00

自引率

0.00%

发文量

审稿时长

6 months

期刊介绍： Data & Knowledge Engineering (DKE) stimulates the exchange of ideas and interaction between these two related fields of interest. DKE reaches a world-wide audience of researchers, designers, managers and users. The major aim of the journal is to identify, investigate and analyze the underlying principles in the design and effective use of these systems.

期刊最新文献

Reasoning on responsibilities for optimal process alignment computation SRank: Guiding schema selection in NoSQL document stores Relating behaviour of data-aware process models A framework for understanding event abstraction problem solving: Current states of event abstraction studies A conceptual framework for the government big data ecosystem (‘datagov.eco’)